mirror of
https://github.com/OpenXE-org/OpenXE.git
synced 2024-12-25 06:00:28 +01:00
Merge branch 'master' into mirakl
commit
4351fd7b9d
@ -270,7 +270,7 @@ class TOTPLoginService
|
|||||||
$secret = $this->getTOTPSecret($userId);
|
$secret = $this->getTOTPSecret($userId);
|
||||||
}
|
}
|
||||||
|
|
||||||
$query = "otpauth://totp/{$label}?secret=" . $secret . '&issuer=Xentral&algorithm=SHA1&digits=6&period=30';
|
$query = "otpauth://totp/{$label}?secret=" . $secret . '&issuer=OpenXE&algorithm=SHA1&digits=6&period=30';
|
||||||
|
|
||||||
return $this->barcodeService->createQrCode($query);
|
return $this->barcodeService->createQrCode($query);
|
||||||
}
|
}
|
||||||
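Review bot: `$label` goes into the otpauth URI unencoded on the changed `$query` line, and the Totp module on this page now builds it from the user name, so a space, `?`, `&` or `#` in a name would break the URI or alter its parameters. Encoding it where the URI is built avoids that: `$query = 'otpauth://totp/' . rawurlencode($label) . '?secret=' . $secret . '&issuer=OpenXE&algorithm=SHA1&digits=6&period=30';` (the Key URI format allows the label's colon to be percent-encoded). The method's signature is outside the hunk, so I cannot see whether `$label` is validated earlier.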
|
@ -148,8 +148,7 @@ $tables = [
|
|||||||
'templatemessage',
|
'templatemessage',
|
||||||
'shopimport_auftraege',
|
'shopimport_auftraege',
|
||||||
'versandzentrum_log',
|
'versandzentrum_log',
|
||||||
'api_request_response_log',
|
'api_request_response_log'
|
||||||
'shopimport_amazon_fees',
|
|
||||||
];
|
];
|
||||||
$minMemoryMb = 1;
|
$minMemoryMb = 1;
|
||||||
$minMemory = $minMemoryMb * 1024 * 1024;
|
$minMemory = $minMemoryMb * 1024 * 1024;
|
||||||
@ -623,34 +622,11 @@ if($shopExportLogCleanerActive && $tage > 0) {
|
|||||||
|
|
||||||
$shopExportLogCleanerActive = $app->erp->Firmendaten('cleaner_shopexportlog');
|
$shopExportLogCleanerActive = $app->erp->Firmendaten('cleaner_shopexportlog');
|
||||||
$tage = (int)$app->erp->Firmendaten('cleaner_shopexportlog_tage');
|
$tage = (int)$app->erp->Firmendaten('cleaner_shopexportlog_tage');
|
||||||
$isToDelete = !empty($tableSchemaByTables['shopimport_amazon_fees'])
|
|
||||||
&& !empty($tableSchemaByTables['shopimport_amazon_fees']['todelete']);
|
|
||||||
if((!$shopExportLogCleanerActive || $tage <= 0 || $tage > 30) && $isToDelete) {
|
|
||||||
$shopExportLogCleanerActive = true;
|
|
||||||
if($tage <= 0 || $tage > 30) {
|
|
||||||
$tage = 30;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if($shopExportLogCleanerActive && $tage > 0) {
|
if($shopExportLogCleanerActive && $tage > 0) {
|
||||||
if($tage < 30) {
|
if($tage < 30) {
|
||||||
$tage = 30;
|
$tage = 30;
|
||||||
}
|
}
|
||||||
$app->DB->Delete(
|
|
||||||
sprintf(
|
|
||||||
"DELETE FROM `shopimport_amazon_fees`
|
|
||||||
WHERE DATE_SUB(NOW(), INTERVAL %d DAY) >= `zeitstempel` OR `zeitstempel` = '0000-00-00 00:00:00'",
|
|
||||||
$tage
|
|
||||||
)
|
|
||||||
);
|
|
||||||
$affectedRows = $app->DB->affected_rows();
|
|
||||||
if(!empty($tableSchemaByTables['shopimport_amazon_fees'])
|
|
||||||
&& ($tableSchemaByTables['shopimport_amazon_fees']['todelete'] > 0)) {
|
|
||||||
$tableSchemaByTables['shopimport_amazon_fees']['todelete'] -= $affectedRows;
|
|
||||||
}
|
|
||||||
if($affectedRows > 0 && !empty($optimize['shopimport_amazon_fees'])) {
|
|
||||||
$app->DB->Query('OPTIMIZE TABLE `shopimport_amazon_fees`');
|
|
||||||
unset($optimize['shopimport_amazon_fees']);
|
|
||||||
}
|
|
||||||
$app->DB->Update(
|
$app->DB->Update(
|
||||||
"UPDATE prozessstarter SET letzteausfuerhung=NOW(),mutex=1,mutexcounter=0 WHERE parameter = 'cleaner' AND aktiv = 1"
|
"UPDATE prozessstarter SET letzteausfuerhung=NOW(),mutex=1,mutexcounter=0 WHERE parameter = 'cleaner' AND aktiv = 1"
|
||||||
);
|
);
|
||||||
|
@ -17873,6 +17873,23 @@ INSERT INTO `hook_register` (`hook_action`, `function`, `aktiv`, `position`, `ho
|
|||||||
;
|
;
|
||||||
/* OpenXE 2024-02-03 für belegvorlagen */
|
/* OpenXE 2024-02-03 für belegvorlagen */
|
||||||
|
|
||||||
|
/* OpenXE 2024-08-11 für TOTP */
|
||||||
|
INSERT INTO `hook`(`name`, `aktiv`, `parametercount`, `alias`, `description`) VALUES
|
||||||
|
('login_password_check_otp', 1, 3, '', '');
|
||||||
|
|
||||||
|
INSERT INTO `hook_register`(
|
||||||
|
`hook_action`, `function`, `aktiv`, `position`, `hook`, `module`, `module_parameter`) VALUES
|
||||||
|
( 0, 'TOTPCheckLogin', 1, 1, (SELECT id FROM hook WHERE NAME = 'login_password_check_otp' LIMIT 1), 'totp', 0);
|
||||||
|
/* OpenXE 2024-08-11 für TOTP */
|
||||||
|
|
||||||
|
/* OpenXE 2024-08-11 für Smarty shopimport */
|
||||||
|
INSERT INTO `hook` (`name`, `aktiv`, `parametercount`, `alias`, `description`) VALUES
|
||||||
|
('ImportAuftragBefore', 1, 4, '', '');
|
||||||
|
|
||||||
|
INSERT INTO `hook_register` (`hook_action`, `function`, `aktiv`, `position`, `hook`, `module`, `module_parameter`) VALUES
|
||||||
|
(0, 'ImportAuftragBeforeHook', 1, 1, (SELECT id FROM hook WHERE name = 'ImportAuftragBefore' LIMIT 1), 'onlineshops', 0);
|
||||||
|
/* OpenXE 2024-08-11 für Smarty shopimport */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
BelegPositionenButtons
|
BelegPositionenButtons
|
||||||
|
|
||||||
|
@ -616,7 +616,7 @@ class TemplateParser {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if(count($this->VARARRAY)>0)
|
if(!empty($this->VARARRAY))
|
||||||
foreach($this->VARARRAY as $key=>$value)
|
foreach($this->VARARRAY as $key=>$value)
|
||||||
{
|
{
|
||||||
if($key!="")
|
if($key!="")
|
||||||
|
@ -36,7 +36,7 @@ class PLACEHOLDER_MODULECLASSNAME {
|
|||||||
// columns that are aligned right (numbers etc)
|
// columns that are aligned right (numbers etc)
|
||||||
// $alignright = array(4,5,6,7,8);
|
// $alignright = array(4,5,6,7,8);
|
||||||
|
|
||||||
$findcols = array('PLACEHOLDER_ID_COLUMN','PLACEHOLDER_ID_COLUMN',PLACEHOLDER_SQL_COLUMNS);
|
$findcols = array('PLACEHOLDER_ID_COLUMN','PLACEHOLDER_ID_COLUMN',PLACEHOLDER_SQL_COLUMNS); // use 'null' for non-searchable columns
|
||||||
$searchsql = array(PLACEHOLDER_SQL_COLUMNS);
|
$searchsql = array(PLACEHOLDER_SQL_COLUMNS);
|
||||||
|
|
||||||
$defaultorder = 1;
|
$defaultorder = 1;
|
||||||
@ -60,6 +60,8 @@ class PLACEHOLDER_MODULECLASSNAME {
|
|||||||
$count = "SELECT count(DISTINCT id) FROM PLACEHOLDER_MODULENAME WHERE $where";
|
$count = "SELECT count(DISTINCT id) FROM PLACEHOLDER_MODULENAME WHERE $where";
|
||||||
// $groupby = "";
|
// $groupby = "";
|
||||||
|
|
||||||
|
// echo($sql." WHERE ".$where." ".$groupby);
|
||||||
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
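Review bot: The added `// echo($sql." WHERE ".$where." ".$groupby);` is commented-out debug code in a module template, so it would presumably be copied into every module generated from it, and uncommenting it prints the assembled query into the response. I would drop the line, or replace it with a short comment on how to inspect the query without echoing it. The enclosing `case` block starts outside the hunk.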
|
@ -62,7 +62,7 @@
|
|||||||
{|Rechnungsdatum|}:
|
{|Rechnungsdatum|}:
|
||||||
</td>
|
</td>
|
||||||
<td>
|
<td>
|
||||||
<input type="text" name="rechnungsdatum" id="rechnungsdatum" value="[RECHNUNGSDATUM]" size="20" [SAVEDISABLED]>
|
<input type="text" name="rechnungsdatum" id="rechnungsdatum" value="[RECHNUNGSDATUM]" size="20" [SAVEDISABLED] required>
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
@ -103,7 +103,7 @@
|
|||||||
{|Zahlbar bis|}:
|
{|Zahlbar bis|}:
|
||||||
</td>
|
</td>
|
||||||
<td>
|
<td>
|
||||||
<input type="text" name="zahlbarbis" id="zahlbarbis" value="[ZAHLBARBIS]" size="20" [SAVEDISABLED]>
|
<input type="text" name="zahlbarbis" id="zahlbarbis" value="[ZAHLBARBIS]" size="20" [SAVEDISABLED]> <input type="number" name="zahlbarbis_tage" id="zahlbarbis_tage" size="4" [SAVEDISABLED]> Tage
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
@ -119,7 +119,7 @@
|
|||||||
{|Skonto bis|}:
|
{|Skonto bis|}:
|
||||||
</td>
|
</td>
|
||||||
<td>
|
<td>
|
||||||
<input type="text" name="skontobis" id="skontobis" value="[SKONTOBIS]" size="20" [SAVEDISABLED]>
|
<input type="text" name="skontobis" id="skontobis" value="[SKONTOBIS]" size="20" [SAVEDISABLED]> <input type="number" name="skontobis_tage" id="skontobis_tage" size="4" [SAVEDISABLED]> Tage
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
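Review bot: The new `zahlbarbis_tage` and `skontobis_tage` inputs accept any number, including negative and fractional values, and `size="4"` has no effect on `type="number"`; `min="0" step="1"` states the intended range, e.g. `<input type="number" name="zahlbarbis_tage" id="zahlbarbis_tage" min="0" step="1" [SAVEDISABLED]>`. These attributes, like the `required` added to `rechnungsdatum`, are enforced only by the browser, so the handler that receives the form still has to validate the values. The literal `Tage` is also not wrapped in the `{|…|}` marker that the surrounding labels use.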
|
@ -1,134 +1,133 @@
|
|||||||
<?php
|
<?php
|
||||||
/*
|
/*
|
||||||
**** COPYRIGHT & LICENSE NOTICE *** DO NOT REMOVE ****
|
**** COPYRIGHT & LICENSE NOTICE *** DO NOT REMOVE ****
|
||||||
*
|
*
|
||||||
* Xentral (c) Xentral ERP Sorftware GmbH, Fuggerstrasse 11, D-86150 Augsburg, * Germany 2019
|
* Xentral (c) Xentral ERP Sorftware GmbH, Fuggerstrasse 11, D-86150 Augsburg, * Germany 2019
|
||||||
*
|
*
|
||||||
* This file is licensed under the Embedded Projects General Public License *Version 3.1.
|
* This file is licensed under the Embedded Projects General Public License *Version 3.1.
|
||||||
*
|
*
|
||||||
* You should have received a copy of this license from your vendor and/or *along with this file; If not, please visit www.wawision.de/Lizenzhinweis
|
* You should have received a copy of this license from your vendor and/or *along with this file; If not, please visit www.wawision.de/Lizenzhinweis
|
||||||
* to obtain the text of the corresponding license version.
|
* to obtain the text of the corresponding license version.
|
||||||
*
|
*
|
||||||
**** END OF COPYRIGHT & LICENSE NOTICE *** DO NOT REMOVE ****
|
**** END OF COPYRIGHT & LICENSE NOTICE *** DO NOT REMOVE ****
|
||||||
*/
|
*/
|
||||||
?>
|
?>
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
use Xentral\Components\Http\JsonResponse;
|
use Xentral\Components\Http\JsonResponse;
|
||||||
use Xentral\Modules\TOTPLogin\TOTPLoginService;
|
use Xentral\Modules\TOTPLogin\TOTPLoginService;
|
||||||
|
|
||||||
class Totp
|
class Totp
|
||||||
{
|
{
|
||||||
/** @var Application */
|
/** @var Application */
|
||||||
private $app;
|
private $app;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Totp constructor.
|
* Totp constructor.
|
||||||
*
|
*
|
||||||
* @param Application $app
|
* @param Application $app
|
||||||
* @param bool $intern
|
* @param bool $intern
|
||||||
*/
|
*/
|
||||||
public function __construct($app, $intern = false)
|
public function __construct($app, $intern = false)
|
||||||
{
|
{
|
||||||
$this->app = $app;
|
$this->app = $app;
|
||||||
|
|
||||||
if($intern) return;
|
if($intern) return;
|
||||||
|
|
||||||
$app->ActionHandlerInit($this);
|
$app->ActionHandlerInit($this);
|
||||||
|
|
||||||
$app->ActionHandler('generate', 'TOTPGenerateSecretJSON');
|
$app->ActionHandler('generate', 'TOTPGenerateSecretJSON');
|
||||||
$app->ActionHandler('enable', 'TOTPEnable');
|
$app->ActionHandler('enable', 'TOTPEnable');
|
||||||
$app->ActionHandler('disable', 'TOTPDisable');
|
$app->ActionHandler('disable', 'TOTPDisable');
|
||||||
|
|
||||||
$app->ActionHandlerListen($app);
|
$app->ActionHandlerListen($app);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function Install()
|
public function Install()
|
||||||
{
|
{
|
||||||
$tableName = 'user_totp';
|
$tableName = 'user_totp';
|
||||||
$this->app->erp->CheckTable($tableName);
|
$this->app->erp->CheckTable($tableName);
|
||||||
$this->app->erp->CheckColumn('id', 'UNSIGNED INT', $tableName, 'NOT NULL AUTO_INCREMENT');
|
$this->app->erp->CheckColumn('id', 'UNSIGNED INT', $tableName, 'NOT NULL AUTO_INCREMENT');
|
||||||
$this->app->erp->CheckColumn('user_id', 'INT', $tableName, 'UNSIGNED NOT NULL');
|
$this->app->erp->CheckColumn('user_id', 'INT', $tableName, 'UNSIGNED NOT NULL');
|
||||||
$this->app->erp->CheckColumn('active', 'TINYINT(1)', $tableName, 'UNSIGNED DEFAULT 0');
|
$this->app->erp->CheckColumn('active', 'TINYINT(1)', $tableName, 'UNSIGNED DEFAULT 0');
|
||||||
$this->app->erp->CheckColumn('secret', 'VARCHAR(100)', $tableName, 'NOT NULL');
|
$this->app->erp->CheckColumn('secret', 'VARCHAR(100)', $tableName, 'NOT NULL');
|
||||||
$this->app->erp->CheckColumn('created_at', 'TIMESTAMP', $tableName, 'DEFAULT NOW()');
|
$this->app->erp->CheckColumn('created_at', 'TIMESTAMP', $tableName, 'DEFAULT NOW()');
|
||||||
$this->app->erp->CheckColumn('modified_at', 'TIMESTAMP', $tableName);
|
$this->app->erp->CheckColumn('modified_at', 'TIMESTAMP', $tableName);
|
||||||
$this->app->erp->CheckIndex($tableName, 'user_id', true);
|
$this->app->erp->CheckIndex($tableName, 'user_id', true);
|
||||||
|
|
||||||
$this->app->erp->RegisterHook('login_password_check_otp', 'totp', 'TOTPCheckLogin', 1, false, null, 3);
|
$this->app->erp->RegisterHook('login_password_check_otp', 'totp', 'TOTPCheckLogin', 1, false, null, 3);
|
||||||
}
|
}
|
||||||
|
|
||||||
function TOTPDisable(){
|
function TOTPDisable(){
|
||||||
$action = $this->app->Secure->GetPOST('action');
|
$action = $this->app->Secure->GetPOST('action');
|
||||||
|
|
||||||
if($action !== 'disable'){
|
if($action !== 'disable'){
|
||||||
return new JsonResponse(['status' => 'error', 'msg' => 'muss POST sein'], 400);
|
return new JsonResponse(['status' => 'error', 'msg' => 'muss POST sein'], 400);
|
||||||
}
|
}
|
||||||
|
|
||||||
/** @var TOTPLoginService $totpLoginService */
|
/** @var TOTPLoginService $totpLoginService */
|
||||||
$totpLoginService = $this->app->Container->get('TOTPLoginService');
|
$totpLoginService = $this->app->Container->get('TOTPLoginService');
|
||||||
|
|
||||||
$userId = $this->app->User->GetID();
|
$userId = $this->app->User->GetID();
|
||||||
|
|
||||||
$totpLoginService->disableTotp($userId);
|
$totpLoginService->disableTotp($userId);
|
||||||
|
|
||||||
return new JsonResponse(['status' => 'success']);
|
return new JsonResponse(['status' => 'success']);
|
||||||
}
|
}
|
||||||
|
|
||||||
function TOTPEnable(){
|
function TOTPEnable(){
|
||||||
$secret = $this->app->Secure->GetPOST('secret');
|
$secret = $this->app->Secure->GetPOST('secret');
|
||||||
|
|
||||||
if(empty($secret)){
|
if(empty($secret)){
|
||||||
return new JsonResponse(['status' => 'error', 'msg' => 'Secret Empty'], 400);
|
return new JsonResponse(['status' => 'error', 'msg' => 'Secret Empty'], 400);
|
||||||
}
|
}
|
||||||
|
|
||||||
/** @var TOTPLoginService $totpLoginService */
|
/** @var TOTPLoginService $totpLoginService */
|
||||||
$totpLoginService = $this->app->Container->get('TOTPLoginService');
|
$totpLoginService = $this->app->Container->get('TOTPLoginService');
|
||||||
|
|
||||||
$userId = $this->app->User->GetID();
|
$userId = $this->app->User->GetID();
|
||||||
|
|
||||||
$totpLoginService->enableTotp($userId);
|
$totpLoginService->enableTotp($userId);
|
||||||
$totpLoginService->setUserSecret($userId, $secret);
|
$totpLoginService->setUserSecret($userId, $secret);
|
||||||
|
|
||||||
return new JsonResponse(['status' => 'success']);
|
return new JsonResponse(['status' => 'success']);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param $userID
|
* @param $userID
|
||||||
* @param $token
|
* @param $token
|
||||||
* @param $passwordValid
|
* @param $passwordValid
|
||||||
*
|
*
|
||||||
* @throws Exception
|
* @throws Exception
|
||||||
*/
|
*/
|
||||||
public function TOTPCheckLogin($userID, $token, &$passwordValid)
|
public function TOTPCheckLogin($userID, $token, &$passwordValid)
|
||||||
{
|
{
|
||||||
/** @var TOTPLoginService $totpLoginService */
|
/** @var TOTPLoginService $totpLoginService */
|
||||||
$totpLoginService = $this->app->Container->get('TOTPLoginService');
|
$totpLoginService = $this->app->Container->get('TOTPLoginService');
|
||||||
|
if(!$totpLoginService->isTOTPEnabled($userID)){
|
||||||
if(!$totpLoginService->isTOTPEnabled($userID)){
|
return;
|
||||||
return;
|
}
|
||||||
}
|
$passwordValid = $totpLoginService->isTokenValid($userID, $token);
|
||||||
$passwordValid = $totpLoginService->isTokenValid($userID, $token);
|
}
|
||||||
}
|
|
||||||
|
public function TOTPGenerateSecretJSON(){
|
||||||
public function TOTPGenerateSecretJSON(){
|
/** @var TOTPLoginService $totpLoginService */
|
||||||
/** @var TOTPLoginService $totpLoginService */
|
$totpLoginService = $this->app->Container->get('TOTPLoginService');
|
||||||
$totpLoginService = $this->app->Container->get('TOTPLoginService');
|
|
||||||
|
/** @var \Xentral\Components\Token\TOTPTokenManager $tokenManager */
|
||||||
/** @var \Xentral\Components\Token\TOTPTokenManager $tokenManager */
|
$tokenManager = $this->app->Container->get('TOTPTokenManager');
|
||||||
$tokenManager = $this->app->Container->get('TOTPTokenManager');
|
|
||||||
|
$secret = $tokenManager->generateBase32Secret();
|
||||||
$secret = $tokenManager->generateBase32Secret();
|
|
||||||
|
$label = 'OpenXE' . ':' . $this->app->User->Getname();
|
||||||
$label = 'Xentral' . ' | ' . $this->app->erp->GetFirmaName();
|
|
||||||
|
$qr = $totpLoginService->generatePairingQrCode($this->app->User->GetID(), $label, $secret);
|
||||||
$qr = $totpLoginService->generatePairingQrCode($this->app->User->GetID(), $label, $secret);
|
|
||||||
|
return new JsonResponse(
|
||||||
return new JsonResponse(
|
[
|
||||||
[
|
'secret' => $secret,
|
||||||
'secret' => $secret,
|
'qr' => $qr->toHtml(4, 4)
|
||||||
'qr' => $qr->toHtml(4, 4)
|
]
|
||||||
]
|
);
|
||||||
);
|
}
|
||||||
}
|
}
|
||||||
}
|
|
||||||
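Review bot: TOTPCheckLogin assigns the token result straight into the by-reference `$passwordValid`, discarding whatever the password check produced, so if the hook can be reached with `$passwordValid` already false (the caller is not on this page) a correct TOTP code alone would turn the login into a success. Combining the two keeps the hook from ever upgrading a failed password: `$passwordValid = $passwordValid && $totpLoginService->isTokenValid($userID, $token);`. In the same class, TOTPEnable stores the POSTed `secret` without checking that it is well-formed or asking for a code derived from it, and calls `enableTotp()` before `setUserSecret()`, so a mistyped or failed enrolment may leave the account enabled with a secret the user cannot use. TOTPDisable switches the second factor off on a bare `action=disable` POST; requiring the current password or a valid code first, and confirming that the framework's CSRF protection covers this action, would limit what a hijacked session can do.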
|
File diff suppressed because it is too large